diff options
author | Peter Mikus <pmikus@cisco.com> | 2022-03-28 14:18:54 +0200 |
---|---|---|
committer | Peter Mikus <pmikus@cisco.com> | 2022-03-30 15:33:28 +0200 |
commit | 9153649f4d6a56821be494fe02d5cd6faa11ebc2 (patch) | |
tree | d36ec40ee730177d5e92feec5178602a038f6805 /fdio.infra.terraform/terraform-aws-1n-aws-c5n/main.tf | |
parent | ad8149cc4fc9f5a703f5cffd5557abc0874d4d50 (diff) |
feat(terraform): 1n_aws_c5n
Signed-off-by: Peter Mikus <pmikus@cisco.com>
Change-Id: I12d2d58de01693b18628cd73b5d8c36467506f32
Diffstat (limited to 'fdio.infra.terraform/terraform-aws-1n-aws-c5n/main.tf')
-rw-r--r-- | fdio.infra.terraform/terraform-aws-1n-aws-c5n/main.tf | 201 |
1 files changed, 201 insertions, 0 deletions
diff --git a/fdio.infra.terraform/terraform-aws-1n-aws-c5n/main.tf b/fdio.infra.terraform/terraform-aws-1n-aws-c5n/main.tf new file mode 100644 index 0000000000..c99d839bd2 --- /dev/null +++ b/fdio.infra.terraform/terraform-aws-1n-aws-c5n/main.tf @@ -0,0 +1,201 @@ +data "vault_aws_access_credentials" "creds" { + backend = "${var.vault-name}-path" + role = "${var.vault-name}-role" +} + +locals { + ansible_python_executable = "/usr/bin/python3" + availability_zone = "eu-central-1a" + name = "csit-vpc" + environment = "csit-vpc-environment" + key_pair_key_name = "${var.resource_prefix}-${var.testbed_name}-pk" + placement_group_name = "${var.resource_prefix}-${var.testbed_name}-pg" + security_group_name = "${var.resource_prefix}-${var.testbed_name}-sg" + testbed_name = "testbed1" + topology_name = "1n-aws-c5n" + tg_name = "${var.resource_prefix}-${var.testbed_name}-tg" + sut1_name = "${var.resource_prefix}-${var.testbed_name}-sut1" +} + +# Create VPC +module "vpc" { + source = "../terraform-aws-vpc" + security_group_name = local.security_group_name + subnet_availability_zone = local.availability_zone + tags_name = local.name + tags_environment = local.environment +} + +# Create Subnet +module "subnet_b" { + source = "../terraform-aws-subnet" + subnet_cidr_block = "192.168.10.0/24" + subnet_ipv6_cidr_block = cidrsubnet(module.vpc.vpc_ipv6_cidr_block, 8, 2) + subnet_availability_zone = local.availability_zone + tags_name = local.name + tags_environment = local.environment + subnet_vpc_id = module.vpc.vpc_id +} + +# Create Private Key +resource "tls_private_key" "private_key" { + algorithm = var.private_key_algorithm + ecdsa_curve = var.private_key_ecdsa_curve + rsa_bits = var.private_key_rsa_bits +} + +# Create Key Pair +resource "aws_key_pair" "key_pair" { + depends_on = [ + tls_private_key.private_key + ] + key_name = local.key_pair_key_name + public_key = tls_private_key.private_key.public_key_openssh +} + +# Create Placement Group +resource "aws_placement_group" "placement_group" { + name = local.placement_group_name + strategy = var.placement_group_strategy +} + +# Create Instance +resource "aws_instance" "tg" { + depends_on = [ + module.vpc, + aws_placement_group.placement_group + ] + ami = var.tg_ami + availability_zone = local.availability_zone + associate_public_ip_address = var.tg_associate_public_ip_address + instance_initiated_shutdown_behavior = var.tg_instance_initiated_shutdown_behavior + instance_type = var.tg_instance_type + key_name = aws_key_pair.key_pair.key_name + placement_group = aws_placement_group.placement_group.id + private_ip = var.tg_private_ip + source_dest_check = var.tg_source_dest_check + subnet_id = module.vpc.vpc_subnet_id + vpc_security_group_ids = [module.vpc.vpc_security_group_id] + # host_id = "1" + + root_block_device { + delete_on_termination = true + volume_size = 50 + } + + tags = { + "Name" = local.tg_name + "Environment" = local.environment + } +} + +resource "aws_network_interface" "tg_if1" { + depends_on = [ + module.subnet_b, + aws_instance.tg + ] + private_ips = [var.tg_if1_private_ip] + security_groups = [module.vpc.vpc_security_group_id] + source_dest_check = var.tg_source_dest_check + subnet_id = module.subnet_b.subnet_id + + attachment { + instance = aws_instance.tg.id + device_index = 1 + } + + tags = { + "Name" = local.tg_name + "Environment" = local.environment + } +} + +resource "aws_network_interface" "tg_if2" { + depends_on = [ + module.subnet_b, + aws_instance.tg + ] + private_ips = [var.tg_if2_private_ip] + security_groups = [module.vpc.vpc_security_group_id] + source_dest_check = var.tg_source_dest_check + subnet_id = module.subnet_b.subnet_id + + attachment { + instance = aws_instance.tg.id + device_index = 2 + } + + tags = { + "Name" = local.tg_name + "Environment" = local.environment + } +} + +data "aws_network_interface" "tg_if1" { + id = aws_network_interface.tg_if1.id +} + +data "aws_network_interface" "tg_if2" { + id = aws_network_interface.tg_if2.id +} + +resource "aws_route" "route_tg_if1" { + depends_on = [ + aws_instance.tg + ] + destination_cidr_block = var.destination_cidr_block_tg_if1 + network_interface_id = aws_instance.tg.primary_network_interface_id + route_table_id = module.vpc.vpc_main_route_table_id +} + +resource "aws_route" "route_tg_if2" { + depends_on = [ + aws_instance.tg + ] + destination_cidr_block = var.destination_cidr_block_tg_if2 + network_interface_id = aws_instance.tg.primary_network_interface_id + route_table_id = module.vpc.vpc_main_route_table_id +} + +resource "null_resource" "deploy_tg" { + depends_on = [ + aws_instance.tg, + aws_network_interface.tg_if1, + aws_network_interface.tg_if2 + ] + + connection { + user = "ubuntu" + host = aws_instance.tg.public_ip + private_key = tls_private_key.private_key.private_key_pem + } + + provisioner "remote-exec" { + inline = var.first_run_commands + } +} + + +resource "null_resource" "deploy_topology" { + depends_on = [ + aws_instance.tg + ] + + provisioner "ansible" { + plays { + playbook { + file_path = var.ansible_topology_path + } + hosts = ["local"] + extra_vars = { + ansible_python_interpreter = local.ansible_python_executable + testbed_name = local.testbed_name + cloud_topology = local.topology_name + tg_if1_mac = data.aws_network_interface.tg_if1.mac_address + tg_if2_mac = data.aws_network_interface.tg_if2.mac_address + tg_public_ip = aws_instance.tg.public_ip + public_ip_list = "${aws_instance.tg.public_ip}" + } + } + } +}
\ No newline at end of file |